[Samba] SSH SSO without keytab file

Harpoon harp00n at protonmail.com
Fri Jan 18 10:46:49 UTC 2019

> ...
> Use : getent passwd username
> Check if wbinfo -u works also.

With and without 'backend : ad', 'wbinfo -u' works fine. However, with 'backend : ad', `getent passwd administrator` doesn't show AD user; hence I'm unable to su or ssh.

> As tip, if you try these.
> id username
> getent passwd username
> wbinfo -u | grep username
Tried all these.


> If all work and show your usename, then you should be able to login (sso) on ssh.
> If your users are only on this server and you dont need to share homedirs.
> Then you need mk_homedir in pam also.
> To enable, its simple on ubuntu/debian
> pam-auth-update --package mkhomedir
> pam-auth-update
> And enable mkhomedir ( you can use pam-auth-update --force also )
Got it!

> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba

More information about the samba mailing list